sydnix/README.org
#+PROPERTY: header-args :noweb no-export :results silent :comments both :tangle no
#+STARTUP: overview
#+title: Madeleine's dots for the literate (=sydnix=)
* Top-level flake
#+begin_src nix :tangle flake.nix
# Flake entry point, tangled to flake.nix. The <<...>> lines are noweb
# references that are filled in from other source blocks when tangling.
{
description = "Madeleine's dots for the literate (sydnix)";
inputs = {
<<flake-inputs>>
# NOTE(review): none of the input URLs below names a revision, so the exact
# code that gets built is fixed only by flake.lock. Confirm that the lock file
# is committed and that updates to it are reviewed like any other dependency
# change.
disko.url = "github:nix-community/disko";
nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
home-manager = {
url = "github:nix-community/home-manager";
# Make home-manager use this flake's nixpkgs input instead of its own.
inputs.nixpkgs.follows = "nixpkgs";
};
};
# `inputs` is bound to the whole argument set so that it can be handed on to
# the host definitions.
outputs = { nixpkgs, ... }@inputs: {
nixosConfigurations = (
<<flake-outputs-nixos>>
);
};
}
#+end_src
* Features
What are referred to as /features/ here largely correspond to Nix modules, but are
not limited to Nix modules.
** Impermanence
*** Flake input
#+begin_src nix :noweb-ref flake-inputs
# Flake input for the impermanence feature. The URL names no revision, so the
# version in use is whatever flake.lock records.
impermanence.url = "github:nix-community/impermanence";
#+end_src
*** Top-level module
#+begin_src nix :tangle modules/system/impermanence.nix
# NixOS module for the sydnix.impermanence feature; tangled to
# modules/system/impermanence.nix.
{ config, lib, pkgs, ... }:
with lib;
let
# Shorthand for this module's own option values.
cfg = config.sydnix.impermanence;
in {
options = {
sydnix.impermanence = {
# Option declarations are collected from the noweb blocks named
# sydnix-impermanence-options.
<<sydnix-impermanence-options>>
};
};
# The merge list is empty, so setting `enable = true` currently changes nothing
# in the system configuration; this is a skeleton to be filled in.
config = mkIf cfg.enable (mkMerge [
]);
}
#+end_src
*** Options
**** =enable=
#+begin_src nix :noweb-ref sydnix-impermanence-options
# Switch for the impermanence feature: a boolean that is off unless a host sets
# it explicitly.
enable = mkOption {
type = types.bool;
default = false;
};
#+end_src
* Machines
For every ~./hosts/NAME/configuration.nix~, define the system under the name ~NAME~.
#+begin_src nix :noweb-ref flake-outputs-nixos
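# Build one NixOS system per host directory under ./hosts, keyed by the
# directory name.
let
  # builtins.readDir returns every entry of ./hosts, not only host directories.
  # Keep just the entries that contain a configuration.nix, so that a stray
  # file in ./hosts does not turn into a nixosConfigurations attribute that
  # fails to evaluate.
  isHost = k: _type: builtins.pathExists ./hosts/${k}/configuration.nix;
  hosts = nixpkgs.lib.filterAttrs isHost (builtins.readDir ./hosts);

  # k is the directory (and host) name; the entry type from readDir is unused.
  mkHost = k: _type: nixpkgs.lib.nixosSystem {
    # Every flake input is passed to every module as a module argument; this
    # is how a host's configuration.nix can ask for `disko` by name.
    specialArgs = inputs;
    # Each host directory declares its own platform in system.nix.
    system = import ./hosts/${k}/system.nix;
    modules = [
      ./hosts/${k}/configuration.nix
      # Directory name should always match host name.
      ({ ... }: { networking.hostName = k; })
    ];
  };
in
builtins.mapAttrs mkHost hosts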
#+end_src
** =nixos-testbed=
#+begin_src nix :tangle hosts/nixos-testbed/configuration.nix
# NixOS configuration for the host `nixos-testbed`; tangled to
# hosts/nixos-testbed/configuration.nix. `disko` arrives as a module argument.
{ config, pkgs, lib, disko, ... }:
{
imports = [
./hardware-configuration.nix
./disko-config.nix
disko.nixosModules.disko
];
# Script-based variant of the boot-time rollback, kept commented out; the
# systemd initrd service erase-darlings below performs the rollback instead.
# boot.initrd.postDeviceCommands = ''
# if zfs list -t snapshot -H -o name \
# | grep -qE '^rpool/local/root@previous$'; then
# zfs destroy -r rpool/local/root@previous \
# && echo ">> >> previous previous snapshot destroyed << <<"
# else
# echo ">> >> no previous previous snapshot found << <<"
# fi
# zfs snapshot -r rpool/local/root@previous \
# && echo ">> >> pre-rollback snapshot taken << <<"
# zfs rollback -r rpool/local/root@blank \
# && echo ">> >> rollback complete << <<"
# '';
# boot.initrd.supportedFilesystems = [ "zfs" ];
# boot.supportedFilesystems = [ "zfs" ];
boot.initrd.enable = true;
boot.initrd.systemd.enable = true;
# Programs made available inside the initrd. The erase-darlings script below
# only calls zfs; babashka is not used by anything in the initrd as shown here.
boot.initrd.systemd.initrdBin = with pkgs; [
zfs
coreutils
babashka
];
# Initrd service that rolls rpool/local/root back to its @blank snapshot,
# ordered after the pool import and before the root filesystem is mounted.
boot.initrd.systemd.services.erase-darlings = {
description = "Rollback filesystem to a blank state on boot";
wantedBy = [
"initrd.target"
];
after = [
# "zfs-import.service"
"zfs-import-rpool.service"
];
before = [
"sysroot.mount"
];
path = [ pkgs.zfs ];
unitConfig.DefaultDependencies = "no";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
# `zfs rollback -r` also destroys every snapshot newer than @blank.
# NOTE(review): the unit is only ordered before sysroot.mount, not required by
# it, so a failed rollback does not appear to stop the boot; the machine would
# then come up with the previous boot's state still in place. Decide whether
# that failure should be fatal or at least alerted on.
script = /* bash */ ''
zfs rollback -r rpool/local/root@blank \
&& echo ">> >> rollback complete << <<"
'';
};
# Main-system service that runs ./erase-home-darlings.clj under babashka once
# home.mount is up. The meaning of the trailing argument 3 is defined by that
# script, which is not part of this file.
systemd.services.erase-home-darlings = {
description = "Rollback home to a blank state on boot";
wantedBy = [
"multi-user.target"
];
before = [
# "basic.target"
];
after = [
"home.mount"
];
path = [ pkgs.zfs pkgs.babashka ];
# unitConfig.DefaultDependencies = "no";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart =
let script = ./erase-home-darlings.clj;
in ''${pkgs.babashka}/bin/bb "${script}" 3'';
};
# Presumably so that switching to a new configuration never stops or re-runs
# the home rollback on a running system - confirm.
stopIfChanged = false;
restartIfChanged = false;
};
# boot.loader.grub = {
# enable = true;
# device = "nodev";
# # device = "/dev/vda";
# efiSupport = true;
# efiInstallAsRemovable = true;
# };
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
# networking.hostName = "nixos-testbed";
networking.hostId = "238e9b1e"; # head -c 8 /etc/machine-id
time.timeZone = "America/Denver";
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
# keyMap = "us";
useXkbConfig = true; # use xkb.options in tty.
};
services.xserver.enable = true;
# services.displayManager.sddm.enable = true;
# services.desktopManager.plasma6.enable = true;
services.xserver.xkb.layout = "us";
services.xserver.xkb.options = "caps:escape";
users.users.crumb = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
# Change this immediately after installation!
# NOTE(review): initialPassword is kept in clear text in the world-readable Nix
# store and is published with this file, so it should be treated as public.
# If the account database lives on the dataset that erase-darlings rolls back
# (the disk layout is not shown here - confirm), a password changed with
# `passwd` is lost at the next boot and this value is applied again. Prefer
# users.users.<name>.hashedPasswordFile pointing at a persisted path.
initialPassword = "password123";
};
environment.systemPackages = with pkgs; [
neovim
];
# NOTE(review): sshd is enabled with root login allowed and password
# authentication is not switched off anywhere in this file. Together with the
# known password on a wheel account above, anything that can reach the SSH port
# can become an administrator. For any machine reachable beyond an isolated
# test network, set services.openssh.settings.PasswordAuthentication = false
# and PermitRootLogin to "prohibit-password" or "no", and use SSH keys.
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "yes";
# This option defines the first version of NixOS you have installed on this
# particular machine, and is used to maintain compatibility with application
# data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any
# reason, even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are
# pulled from, so changing it will NOT upgrade your system - see
# https://nixos.org/manual/nixos/stable/#sec-upgrading for how to actually do
# that.
#
# This value being lower than the current NixOS release does NOT mean your
# system is out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes
# it would make to your configuration, and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or
# https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.05"; # Did you read the comment?
}
#+end_src
** =guix-rebound=
The primary desktop of a girl done with her plebeian phase, and done with Guix's
bullshit.
* References
- My darling dearest Faye's =wishsys= }:D
- [[https://github.com/rasendubi/dotfiles][rasendubi/dotfiles]]
- [[https://github.com/hlissner/dotfiles/][hlissner/dotfiles]]
- [[https://github.com/Shawn8901/nix-configuration/tree/af71d51998a6772a300f842795b947e27202fa73][Shawn8901/nix-configuration]]